Requesting a preventive check, thank you

Posted: 09 Mar 2011 08:42
by Laydee
Good morning :)

Logfile of random's system information tool 1.08 (written by random/random)
Run by Laydenka at 2011-03-09 08:41:04
Microsoft Windows 7 Ultimate
System drive C: has 5 GB (11%) free of 50 GB
Total RAM: 3839 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:41:07, on 9.3.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\Program Files\360Amigo\360Amigo.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\AIMP3\AIMP3.exe
C:\Program Files\trend micro\Laydenka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ÿþ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: GamePlayLabsBHO - {984A9162-8891-4D19-8CFE-17648BB4E1EC} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKCU\..\Run: [360Amigo] "C:\Program files\360Amigo\360Amigo.exe" -autorun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2010\qip.exe" /autorun
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7508 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000724
\??\C:\Windows\system32\conhost.exe
WLIDSvcM.exe 2160
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\360Amigo\360Amigo.exe" -autorun
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
"C:\Program Files\Rainmeter\Rainmeter.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4604.7786780.289818802 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 4604 plugin \\.\pipe\gecko-crash-server-pipe.4604
"C:\Program Files (x86)\AIMP3\AIMP3.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Laydenka\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-16 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{984A9162-8891-4D19-8CFE-17648BB4E1EC}]
GamePlayLabsBHO Class

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-01-03 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-06 11057768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"360Amigo"=C:\Program files\360Amigo\360Amigo.exe [2011-01-27 4003912]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"Infium"=C:\Program Files (x86)\QIP 2010\qip.exe [2011-02-01 5856640]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2010-12-13 281768]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-11-25 98304]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2010-05-04 311296]

C:\Users\Laydenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 290304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 months======

2011-03-09 08:41:04 ----D---- C:\rsit
2011-03-07 19:10:36 ----D---- C:\Program Files (x86)\Browser Plugin
2011-03-04 19:36:20 ----SHD---- C:\Windows\ftpcache
2011-03-04 19:36:19 ----A---- C:\Windows\Natura Sound Therapy Uninstaller.exe
2011-03-04 19:36:18 ----D---- C:\Program Files (x86)\Natura Sound Therapy
2011-03-01 17:07:20 ----D---- C:\Users\Laydenka\AppData\Roaming\Sakura
2011-03-01 17:06:10 ----A---- C:\Windows\SYSWOW64\msvcr71.dll
2011-03-01 17:06:10 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2011-03-01 17:06:10 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2011-02-23 22:11:25 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2011-02-23 22:11:25 ----A---- C:\Windows\system32\wcncsvc.dll
2011-02-23 11:54:45 ----D---- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11
2011-02-23 09:55:53 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-02-23 09:55:53 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-02-23 09:55:53 ----A---- C:\Windows\system32\XpsPrint.dll
2011-02-23 09:55:53 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-02-22 12:44:10 ----A---- C:\Windows\system32\uxtheme.dll.backup
2011-02-22 12:44:08 ----A---- C:\Windows\system32\themeui.dll.backup
2011-02-22 12:44:03 ----A---- C:\Windows\system32\themeservice.dll.backup
2011-02-20 21:26:22 ----HDC---- C:\ProgramData\{9D92E4DF-0CEE-44D4-A4FE-2B4A438E1607}
2011-02-20 21:20:53 ----D---- C:\Program Files\Common Files\Native Instruments
2011-02-20 21:20:52 ----D---- C:\Program Files\Native Instruments
2011-02-20 20:18:29 ----A---- C:\Windows\SYSWOW64\SYNSOEMU.DLL
2011-02-16 17:18:09 ----D---- C:\Windows\cs
2011-02-16 17:16:29 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-02-16 17:15:29 ----D---- C:\Program Files (x86)\Windows Live
2011-02-16 17:14:22 ----A---- C:\Windows\SYSWOW64\UIRibbonRes.dll
2011-02-16 17:14:22 ----A---- C:\Windows\SYSWOW64\UIRibbon.dll
2011-02-16 17:14:22 ----A---- C:\Windows\system32\UIRibbonRes.dll
2011-02-16 17:14:22 ----A---- C:\Windows\system32\UIRibbon.dll
2011-02-14 14:53:25 ----D---- C:\Users\Laydenka\AppData\Roaming\Ashampoo

======List of files/folders modified in the last 1 months======

2011-03-09 08:41:07 ----D---- C:\Windows\Prefetch
2011-03-09 08:41:06 ----D---- C:\Program Files\trend micro
2011-03-09 08:37:01 ----D---- C:\Users\Laydenka\AppData\Roaming\AIMP3
2011-03-09 08:31:03 ----SHD---- C:\System Volume Information
2011-03-09 08:27:32 ----D---- C:\Windows\temp
2011-03-09 08:27:32 ----D---- C:\Windows\system32\catroot2
2011-03-09 08:27:32 ----D---- C:\Windows
2011-03-09 08:24:46 ----D---- C:\Program Files (x86)\PokerStars.NET
2011-03-09 08:24:23 ----SHD---- C:\Windows\Installer
2011-03-09 08:24:22 ----D---- C:\Program Files (x86)\Common Files
2011-03-09 08:24:21 ----D---- C:\Program Files\Common Files
2011-03-09 08:24:21 ----D---- C:\Program Files (x86)
2011-03-09 08:23:49 ----D---- C:\Windows\System32
2011-03-09 08:23:49 ----D---- C:\Windows\inf
2011-03-09 08:23:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-03-09 08:23:42 ----D---- C:\Program Files (x86)\BOINC
2011-03-09 08:23:17 ----D---- C:\Windows\system32\Tasks
2011-03-09 08:21:16 ----D---- C:\ProgramData\BOINC
2011-03-09 08:19:32 ----D---- C:\Windows\system32\config
2011-03-09 08:19:21 ----D---- C:\Program Files (x86)\QIP 2010
2011-03-08 18:02:41 ----D---- C:\Users\Laydenka\AppData\Roaming\uTorrent
2011-03-08 17:58:35 ----D---- C:\Users\Laydenka\AppData\Roaming\ICQ
2011-03-05 09:57:06 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-03-03 10:57:40 ----D---- C:\Users\Laydenka\AppData\Roaming\BSplayer
2011-03-01 17:06:40 ----D---- C:\Program Files (x86)\VstPlugins
2011-03-01 17:06:10 ----D---- C:\Windows\SysWOW64
2011-03-01 17:05:34 ----D---- C:\Program Files (x86)\Image-Line
2011-02-23 22:11:27 ----D---- C:\Windows\system32\catroot
2011-02-23 22:11:26 ----D---- C:\Windows\winsxs
2011-02-23 12:02:49 ----D---- C:\Program Files (x86)\AIMP3
2011-02-22 12:44:10 ----A---- C:\Windows\system32\uxtheme.dll
2011-02-22 12:44:08 ----A---- C:\Windows\system32\themeui.dll
2011-02-22 12:44:03 ----A---- C:\Windows\system32\themeservice.dll
2011-02-20 21:26:22 ----D---- C:\ProgramData
2011-02-20 21:20:52 ----RD---- C:\Program Files
2011-02-19 11:25:44 ----D---- C:\Program Files\Rainmeter
2011-02-18 11:16:26 ----D---- C:\Users\Laydenka\AppData\Roaming\Rainmeter
2011-02-17 15:03:05 ----D---- C:\ProgramData\Microsoft Help
2011-02-17 15:00:35 ----RSD---- C:\Windows\assembly
2011-02-16 17:35:13 ----RSD---- C:\Windows\Fonts
2011-02-16 17:34:42 ----D---- C:\Program Files (x86)\Microsoft Works
2011-02-16 17:33:42 ----A---- C:\Windows\win.ini
2011-02-16 17:15:42 ----SD---- C:\ProgramData\Microsoft
2011-02-16 17:15:25 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-02-13 12:40:38 ----D---- C:\Windows\debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-01-03 834544]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-08-04 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2009-07-06 13368]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-12-13 116568]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-08 254528]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-12-13 83120]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-11-26 8120320]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-11-26 289792]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-06 2419176]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-22 347680]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-01-28 116736]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2008-05-02 23552]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2008-05-02 18432]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2008-05-02 8704]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2008-05-02 8704]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-11-26 203776]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-12-13 267944]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-12-13 135336]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-01-21 75064]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-01-11 407336]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-03 1255736]

-----------------EOF-----------------

Re: Requesting a preventive check, thank you

Posted: 09 Mar 2011 08:43
by Laydee
info.txt logfile of random's system information tool 1.08 2011-03-09 08:41:08

======Uninstall list======

-->C:\ProgramData\{9D92E4DF-0CEE-44D4-A4FE-2B4A438E1607}\Absynth 5 Setup PC.exe
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
360 Amigo System Speedup PRO-->C:\Program files\360Amigo\Uninstall.exe /REMOVE
7-Zip 9.20-->"C:\Program Files (x86)\7-Zip\Uninstall.exe"
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10n_Plugin.exe -maintain plugin
Adobe Reader X - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA0000000001}
AIMP3-->C:\Program Files (x86)\AIMP3\Uninstall.exe
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
AMD Drag and Drop Transcoding-->MsiExec.exe /X{B95653AB-0E7F-204A-3226-17E9F38E6951}
Any Video Converter Professional 3.0.1-->"C:\Program Files (x86)\AnvSoft\Any Video Converter Professional\unins000.exe"
Apache: Air Assault-->"f:\games\Apache Air Assault\unins000.exe"
Ashampoo Burning Studio 10.0.1-->"C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 10\unins000.exe"
ASIO4ALL-->C:\Program Files (x86)\ASIO4ALL v2\uninstall.exe
ASUSUpdate-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\setup.exe" -l0x9
ATI Catalyst Install Manager-->msiexec /q/x{54A0FF28-05C4-81E3-3CC1-13D0C2519EFF} REBOOT=ReallySuppress
ATI Catalyst Registration-->MsiExec.exe /X{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}
aTube Catcher 1.0-->"C:\Program Files (x86)\DsNET Corp\aTube Catcher 1.0\unins000.exe"
aTube Catcher-->C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\uninstall.exe
AV Voice Changer Software DIAMOND 6.0-->C:\PROGRA~2\AVVCS6~1.0DI\UNWISE.EXE C:\PROGRA~2\AVVCS6~1.0DI\INSTALL.LOG
AV Voice Changer Software GOLD 7.0-->C:\PROGRA~2\AVVCS7~1.0GO\UNWISE.EXE C:\PROGRA~2\AVVCS7~1.0GO\INSTALL.LOG
Avira AntiVir Personal - Free Antivirus-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE
BS.Player FREE-->"C:\Program Files (x86)\Webteh\BSplayer\uninstall.exe"
BSPlayer-->"C:\Program Files (x86)\Webteh\BSplayer\uninstall.exe"
Call of Duty: Black Ops-->"F:\Games\Call of Duty - Black Ops\unins000.exe"
Catalyst Control Center - Branding-->MsiExec.exe /I{6AB57823-3580-4CE0-9CF0-072E2A39460C}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Command & Conquer The First Decade-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}\setup.exe" -l0x9 -removeonly
Command & Conquer™ Red Alert™ 3 Uprising-->MsiExec.exe /X{DDE59617-F59A-473B-BC4E-C2B81F6CD38D}
Command & Conquer™ Red Alert™ 3-->MsiExec.exe /X{296D8550-CB06-48E4-9A8B-E5034FB64715}
Counter-Strike-->"F:\Games\CS\steam.exe" steam://uninstall/10
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
Drumaxx-->C:\Program Files (x86)\Image-Line\Drumaxx\uninstall.exe
EA Download Manager UI-->msiexec /qb /x {E17141A6-211D-5854-61D9-69827A430D82}
EA Download Manager UI-->MsiExec.exe /I{E17141A6-211D-5854-61D9-69827A430D82}
EA Download Manager-->C:\Program Files (x86)\Electronic Arts\EADownloadManager\EADMUninstall.exe
EuroTalk Talk Now Multi-Language-->C:\PROGRA~2\EuroTalk\TALKNO~1\UNWISE.EXE C:\PROGRA~2\EuroTalk\TALKNO~1\INSTALL.LOG
EVEREST Ultimate Edition v5.01-->"C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\unins000.exe"
FIFA 11-->MsiExec.exe /X{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}
FL Studio 9.8-->C:\Program Files (x86)\Image-Line\FL Studio 9\uninstall.exe
FL Studio 9-->C:\Program Files (x86)\Image-Line\FL Studio 9\uninstall.exe
FM Screen Capture Codec (Remove Only)-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\Windows\INF\fmcodec.inf
Hardcore-->C:\Program Files (x86)\Image-Line\Hardcore\uninstall.exe
ICQ7.2-->"C:\Program Files (x86)\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
IL Download Manager-->C:\Program Files (x86)\Image-Line\Downloader\uninstall.exe
Java(TM) 6 Update 23-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216023FF}
K-Lite Codec Pack (64-bit) v4.2.0-->"C:\Program Files\KLCP64\unins000.exe"
K-Lite Codec Pack 5.9.0 (Full)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
Live 8.1.1-->C:\PROGRA~2\Ableton\LIVE81~1.1\Install\UNWISE.EXE C:\PROGRA~2\Ableton\LIVE81~1.1\Install\INSTALL.LOG
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0405-1000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Mozilla Firefox (3.6.15)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Firefox 4.0b11 (x86 cs)-->C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\uninstall\helper.exe
Mozilla Thunderbird (3.1.7)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
Native Instruments Absynth 5-->"C:\ProgramData\{9D92E4DF-0CEE-44D4-A4FE-2B4A438E1607}\Absynth 5 Setup PC.exe" REMOVE=TRUE MODIFY=FALSE
Natura Sound Therapy-->C:\Windows\Natura Sound Therapy Uninstaller.exe
Need for Speed(TM) Hot Pursuit-->MsiExec.exe /X{83A606F5-BF6F-42ED-9F33-B9F74297CDED}
Nokia Connectivity Cable Driver-->RUNDLL32.EXE nsesetupx64.dll,DoNTUninst
Opera 11.01-->"C:\Program Files (x86)\Opera\Opera.exe" /uninstall
PoiZone-->C:\Program Files (x86)\Image-Line\PoiZone\uninstall.exe
PunkBuster Services-->C:\Windows\system32\pbsvc_bc2.exe -u
QuickTime Alternative 3.2.2-->"C:\Program Files (x86)\QuickTime Alternative\unins000.exe"
Rainmeter-->"C:\Program Files\Rainmeter\uninst.exe"
Realtek Ethernet Controller Driver For Windows 7-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly
Reason 5.0-->"C:\Program Files (x86)\Propellerhead\Reason\Uninstall Reason\unins000.exe"
reFX Nexus VSTi RTAS v2.2.0-->"C:\Program Files (x86)\VstPlugins\Uninstall Nexus\unins000.exe"
RocketDock 1.3.5-->"C:\Program Files (x86)\RocketDock\unins000.exe"
Sakura-->C:\Program Files (x86)\Image-Line\Sakura\uninstall.exe
Sawer-->C:\Program Files (x86)\Image-Line\Sawer\uninstall.exe
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
Security Update for 2007 Microsoft Office System (KB2289158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {210B16C0-CEBD-4DE9-B474-04A7E8735E16}
Security Update for 2007 Microsoft Office System (KB2344875)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}
Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB2345035)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B23002DD-34EC-4988-B810-A5E2A0BF04F1}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3DED0A62-44C8-4E00-A785-5212F297A9D9}
Security Update for Microsoft Office Publisher 2007 (KB2284697)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3A4CDE54-2403-483D-8D9A-15E3264410DF}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
The KMPlayer (remove only)-->"C:\Program Files (x86)\The KMPlayer\uninstall.exe"
Total Commander (Remove or Repair)-->C:\Program Files (x86)\totalcmd\tcuninst.exe
Toxic Biohazard-->C:\Program Files (x86)\Image-Line\Toxic Biohazard\uninstall.exe
Ubuntu-->F:\ubuntu\uninstall-wubi.exe
Update for 2007 Microsoft Office System (KB2284654)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Microsoft Office Outlook 2007 (KB2412171)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {752A0B7C-BD24-4362-AC86-AB63FEE6F46F}
Update for Outlook 2007 Junk Email Filter (KB2492475)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AB9C3240-8F97-4998-8911-3D40044124FC}
Winamp-->"C:\Program Files (x86)\Winamp\UninstWA.exe"
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1B8ABA62-74F0-47ED-B18C-A43128E591B8}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Language Selector-->MsiExec.exe /I{D07A61E5-A59C-433C-BCBD-22025FA2287B}
Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WMV9/VC-1 Video Playback-->MsiExec.exe /X{B3012F41-D8C7-5ABD-05D1-3EF39D9ACC22}

======Hosts File======

::1 localhost

======System event log======

Computer Name: Laydenka-PC
Event Code: 7036
Message: Stav služby Group Policy Client byl zmenen na: running
Record Number: 62989
Source Name: Service Control Manager
Time Written: 20110202131644.354422-000
Event Type: Informace
User:

Computer Name: Laydenka-PC
Event Code: 7036
Message: Stav služby Themes byl zmenen na: running
Record Number: 62988
Source Name: Service Control Manager
Time Written: 20110202131644.354422-000
Event Type: Informace
User:

Computer Name: Laydenka-PC
Event Code: 7036
Message: Stav služby Windows Audio byl zmenen na: running
Record Number: 62987
Source Name: Service Control Manager
Time Written: 20110202131644.338822-000
Event Type: Informace
User:

Computer Name: Laydenka-PC
Event Code: 7036
Message: Stav služby Windows Audio Endpoint Builder byl zmenen na: running
Record Number: 62986
Source Name: Service Control Manager
Time Written: 20110202131644.260822-000
Event Type: Informace
User:

Computer Name: Laydenka-PC
Event Code: 7036
Message: Stav služby Multimedia Class Scheduler byl zmenen na: running
Record Number: 62985
Source Name: Service Control Manager
Time Written: 20110202131643.917621-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: 37L4247E29-32
Event Code: 1001
Message: Chybný blok , typ 0
Název události: PnPDriverNotFound
Reakce: Not available
ID souboru CAB: 0

Podpis problému:
P1: x64
P2: PCI\VEN_1033&DEV_0194&SUBSYS_84131043&REV_03
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:

Pripojené soubory:
C:\Windows\Temp\DMI736A.tmp.log.xml

Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_8ed79d30855f2f5c26da85f156b174a2e4a71b1_cab_06c973d7

Symbol analýzy:
Opetovné hledání rešení: 0
ID hlášení: 6e2dcf02-178e-11e0-95ba-fe44c2e78ee6
Stav hlášení: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20110103230853.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20110103230804.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20110103230803.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 1531
Message: Služba Profil uživatele byla úspešne spuštena.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20110103230800.652871-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: 37L4247E29-32
Event Code: 4625
Message: Subsystém EventSystem zabranuje vytvárení duplicitních záznamu v protokolu událostí po dobu 86400 sekund. Tuto dobu lze zmenit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíci registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20110103230800.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: 37L4247E29-32
Event Code: 4735
Message: Byla zmenena zabezpecená místní skupina.

Predmet:
ID zabezpecení: S-1-5-18
Název úctu: 37L4247E29-32$
Doména úctu: WORKGROUP
ID prihlášení: 0x3e7

Skupina:
ID zabezpecení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Zmenené atributy:
Název úctu SAM: -
Historie identifikátoru zabezpecení: -

Další informace:
Oprávnení: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110103230750.185253-000
Event Type: Úspešný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4731
Message: Byla vytvorena zabezpecená místní skupina.

Predmet:
ID zabezpecení: S-1-5-18
Název úctu: 37L4247E29-32$
Doména úctu: WORKGROUP
ID prihlášení: 0x3e7

Nová skupina:
ID zabezpecení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Atributy:
Název úctu SAM: Backup Operators
Historie identifikátoru zabezpecení: -

Další informace:
Oprávnení: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110103230750.185253-000
Event Type: Úspešný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvorena.

Pocet prvku: 0
ID zásady: 0x32c03
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110103230749.998053-000
Event Type: Úspešný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: Úcet byl úspešne prihlášen.

Predmet:
ID zabezpecení: S-1-0-0
Název úctu: -
Doména úctu: -
ID prihlášení: 0x0

Typ prihlášení: 0

Nové prihlášení:
ID zabezpecení: S-1-5-18
Název úctu: SYSTEM
Doména úctu: NT AUTHORITY
ID prihlášení: 0x3e7
GUID prihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové síte -
Zdrojový port: -

Podrobné informace o overení:
Proces prihlášení: -
Balícek overení: -
Prenosové služby: -
Název balícku (pouze NTLM): -
Délka klíce: 0

Tato událost je generována po vytvorení relace prihlášení. Je generována v pocítaci, ke kterému byl získán prístup.

Pole s predmetem oznacují úcet v místním systému, který požadoval prihlášení. Jedná se nejcasteji o službu, napríklad službu serveru nebo místní proces, napríklad Winlogon.exe nebo Services.exe.

Pole Typ prihlášení oznacuje, k jakému typu prihlášení došlo. Nejbežnejší typy jsou 2 (interaktivní) a 3 (sít).

Pole Nové prihlášení oznacují úcet, pro který bylo nové prihlášení vytvoreno, tj. úcet, který byl prihlášen.

Pole Sít oznacují puvod požadavku na vzdálené prihlášení. Název pracovní stanice není vždy k dispozici a v nekterých prípadech muže být toto pole prázdné.

Pole s informacemi o overení poskytují podrobné informace o tomto konkrétním požadavku na prihlášení.
- GUID prihlášení je jednoznacný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Prenosové služby oznacují, které pomocné služby se podílely na tomto požadavku na prihlášení.
- Název balícku oznacuje, který dílcí protokol z protokolu NTLM byl použit.
- Délka klíce oznacuje délku generovaného klíce relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíc relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110103230748.765651-000
Event Type: Úspešný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána pri spuštení procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110103230748.734450-000
Event Type: Úspešný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\QuickTime Alternative\QTSystem;C:\Program Files (x86)\Windows Live\Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 5 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=0503

-----------------EOF-----------------

Re: preventive check please, thanks

Posted: 09 Mar 2011 16:02
by motji
Hi :)
So what's troubling the computer? :)

Re: preventive check please, thanks

Posted: 09 Mar 2011 17:06
by Laydee
Maybe nothing anymore. I don't know :)) I had some software installed that was computing at full power for some company, both while I was away and while I was at the computer :) I deleted it plus a few other things, and the antivirus reported a virus in aTube Catcher, so I'm wondering whether something might still be hidden in there. Otherwise the HDD was running constantly and the whole thing was sluggish, although not anymore.

Re: preventive check please, thanks

Posted: 09 Mar 2011 18:34
by motji
:arrow: Download MBAM from my signature
-Install it and run a full scan

DO NOT DELETE ANYTHING :!:
-MBAM sometimes has false detections, so we will delete only after checking the log.
-Copy the log here.

Re: preventive check please, thanks

Posted: 09 Mar 2011 19:32
by Laydee
Malwarebytes' Anti-Malware 1.50.1.1100
http://www.malwarebytes.org

Verze databáze: 6003

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

9.3.2011 19:31:43
mbam-log-2011-03-09 (19-31-38).txt

Typ kontroly: Úplný test (C:\|)
Testované objekty: 320344
Uplynulý čas: 26 minut, 12 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 1
Infikované složky: 0
Infikované soubory: 2

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\Users\Laydenka\AppData\Roaming\desktopicon\ebayshortcuts.exe (Adware.ADON) -> No action taken.
c:\Users\Laydenka\Desktop\av.voice.changer.5.0.19.diamond.full.version\keygen by team virility\keygen.exe (RiskWare.Tool.CK) -> No action taken.

Re: preventive check please, thanks

Posted: 09 Mar 2011 20:28
by motji
:?: Delete everything

:arrow: Run ComboFix following this guide
http://www.bleepingcomputer.com/combofi ... t-combofix

Re: preventive check please, thanks

Posted: 09 Mar 2011 21:59
by Laydee
Looks like it found something. I'm going to test :)

ComboFix 11-03-08.09 - Laydenka 09.03.2011 21:53:07.3.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3839.2609 [GMT 1:00]
Running from: c:\users\Laydenka\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Laydenka\AppData\Roaming\Desktopicon
c:\users\Laydenka\AppData\Roaming\Desktopicon\config.ini
.
.
((((((((((((((((((((((((( Files Created from 2011-02-09 to 2011-03-09 )))))))))))))))))))))))))))))))
.
.
2011-03-09 20:55 . 2011-03-09 20:55 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-03-09 20:55 . 2011-03-09 20:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-09 17:59 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-03-09 17:58 . 2011-03-09 17:59 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-03-09 07:41 . 2011-03-09 07:41 -------- d-----w- C:\rsit
2011-03-07 18:10 . 2011-03-09 13:36 -------- d-----w- c:\program files (x86)\Browser Plugin
2011-03-04 18:36 . 2011-03-04 18:36 -------- d-sh--w- c:\windows\ftpcache
2011-03-04 18:36 . 2011-03-04 18:36 456611 ----a-w- c:\windows\Natura Sound Therapy Uninstaller.exe
2011-03-04 18:36 . 2011-03-04 18:36 -------- d-----w- c:\program files (x86)\Natura Sound Therapy
2011-03-01 16:07 . 2011-03-01 16:07 -------- d-----w- c:\users\Laydenka\AppData\Roaming\Sakura
2011-03-01 16:06 . 2011-03-01 16:06 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-03-01 16:06 . 2011-03-01 16:06 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2011-03-01 16:06 . 2011-03-01 16:06 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2011-03-01 16:05 . 2009-09-15 09:14 1554944 ----a-w- c:\windows\SysWow64\vorbis.acm
2011-02-23 21:11 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-02-23 21:11 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-02-23 10:54 . 2011-02-23 10:54 -------- d-----w- c:\program files (x86)\Mozilla Firefox 4.0 Beta 11
2011-02-23 08:55 . 2011-01-07 08:07 662528 ----a-w- c:\windows\system32\XpsPrint.dll
2011-02-23 08:55 . 2011-01-07 08:07 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-23 08:55 . 2011-01-07 07:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-02-23 08:55 . 2011-01-07 07:31 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-22 11:44 . 2009-07-14 01:41 332288 ----a-w- c:\windows\system32\uxtheme.dll.backup
2011-02-22 11:44 . 2009-07-14 01:41 2851328 ----a-w- c:\windows\system32\themeui.dll.backup
2011-02-22 11:44 . 2009-07-14 01:41 44544 ----a-w- c:\windows\system32\themeservice.dll.backup
2011-02-20 20:27 . 2011-02-20 20:27 -------- d-----w- c:\users\Laydenka\AppData\Local\Native Instruments
2011-02-20 20:26 . 2011-02-20 20:26 -------- dc-h--w- c:\programdata\{9D92E4DF-0CEE-44D4-A4FE-2B4A438E1607}
2011-02-20 20:20 . 2011-02-20 20:20 -------- d-----w- c:\program files\Common Files\Native Instruments
2011-02-20 20:20 . 2011-02-20 20:20 -------- d-----w- c:\program files\Native Instruments
2011-02-20 19:28 . 2011-02-20 19:28 -------- d-----w- c:\program files (x86)\Common Files\reFX
2011-02-20 19:18 . 2011-02-20 19:18 -------- d-----w- c:\program files (x86)\Common Files\Digidesign
2011-02-20 19:18 . 2009-10-24 20:15 1332224 ----a-w- c:\windows\SysWow64\SYNSOEMU.DLL
2011-02-16 16:18 . 2011-02-16 16:18 -------- d-----w- c:\windows\cs
2011-02-16 16:16 . 2011-02-16 16:16 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-02-16 16:15 . 2011-02-16 16:16 -------- d-----w- c:\program files (x86)\Windows Live
2011-02-16 16:14 . 2010-08-11 05:19 3860992 ----a-w- c:\windows\system32\UIRibbon.dll
2011-02-16 16:14 . 2010-08-11 05:13 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-02-16 16:14 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\SysWow64\UIRibbon.dll
2011-02-16 16:14 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\SysWow64\UIRibbonRes.dll
2011-02-16 16:12 . 2011-02-16 16:12 -------- d-----w- c:\users\Laydenka\AppData\Local\Windows Live
2011-02-16 16:12 . 2011-02-16 16:12 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2011-02-14 13:53 . 2011-02-14 13:53 -------- d-----w- c:\users\Laydenka\AppData\Roaming\Ashampoo
2011-02-08 17:59 . 2011-02-08 17:59 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-02-08 17:59 . 2011-02-08 17:59 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2011-02-08 13:07 . 2011-02-08 13:07 -------- d-----w- c:\users\Laydenka\AppData\Local\Opera
2011-02-08 13:07 . 2011-02-08 13:07 -------- d-----w- c:\program files (x86)\Opera
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-22 11:44 . 2009-07-13 23:55 332288 ----a-w- c:\windows\system32\uxtheme.dll
2011-02-22 11:44 . 2009-07-13 23:54 2851328 ----a-w- c:\windows\system32\themeui.dll
2011-02-22 11:44 . 2009-07-13 23:54 44544 ----a-w- c:\windows\system32\themeservice.dll
2011-02-07 18:28 . 2011-02-07 18:28 406528 ----a-w- c:\windows\SysWow64\ReWire.dll
2011-02-07 18:28 . 2011-02-07 18:28 338432 ----a-w- c:\windows\SysWow64\REX Shared Library.dll
2011-02-03 13:53 . 2011-02-03 13:53 181608 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10137.bin
2011-01-24 11:51 . 2011-01-24 11:51 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-01-24 11:51 . 2011-01-21 15:37 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-01-21 15:37 . 2011-01-21 15:37 75064 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-01-21 15:37 . 2011-01-21 15:37 2434856 ----a-w- c:\windows\SysWow64\pbsvc_bc2.exe
2011-01-20 16:46 . 2011-01-20 16:46 8720 ----a-w- c:\windows\SysWow64\ealregsnapshot1.reg
2011-01-13 10:20 . 2011-01-28 07:32 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{815542E6-7EDD-4A29-8FD9-2D7382933602}\mpengine.dll
2011-01-10 16:03 . 2011-01-10 16:03 737280 ----a-w- c:\windows\iun6002.exe
2011-01-03 18:50 . 2011-01-03 18:50 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2010-12-27 18:00 . 2011-01-04 12:41 92672 ----a-w- c:\windows\system32\ff_vfw.dll
2010-12-20 17:08 . 2011-01-17 15:36 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-13 16:40 . 2011-01-03 16:01 83120 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-12-13 16:40 . 2011-01-03 16:01 116568 ----a-w- c:\windows\system32\drivers\avipbb.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"360Amigo"="c:\program files\360Amigo\360Amigo.exe" [2011-01-27 4003912]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Infium"="c:\program files (x86)\QIP 2010\qip.exe" [2011-02-01 5856640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-25 98304]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
.
c:\users\Laydenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2011-2-6 100352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-03 1255736]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-01-03 834544]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-08 254528]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-11-26 203776]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2010-12-13 135336]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-11-26 8120320]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-11-26 289792]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [2008-05-02 23552]
S3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [2008-05-02 18432]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-22 347680]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-06 11057768]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page =
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Laydenka\AppData\Roaming\Mozilla\Firefox\Profiles\rg8jz4d0.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox 4.0 Beta 11\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Stylish: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8} - %profile%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
FF - Ext: GamePlayLabs Plugin: plugin@gameplaylabs.com - %profile%\extensions\plugin@gameplaylabs.com
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe
AddRemove-Google Chrome - c:\users\Laydenka\AppData\Local\Google\Chrome\Application\10.0.628.0\Installer\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2011-03-09 21:57:14
ComboFix-quarantined-files.txt 2011-03-09 20:57
.
Pre-Run: 4 805 570 560
Post-Run: 4 680 339 456
.
- - End Of File - - 16823808F68F99CB30F9F417B9CE570D

Re: requesting a preventive check, thank you

Posted: 10 Mar 2011 08:42
by motji
Fine, how is the computer doing?

Re: requesting a preventive check, thank you

Posted: 10 Mar 2011 12:01
by Laydee
Good so far, so it's most likely fine :)) thanks motji :*

Re: requesting a preventive check, thank you

Posted: 10 Mar 2011 16:09
by motji
Let's clean up :D

:arrow: Uninstall ComboFix via Start - Run
- copy this into the box:

ComboFix /Uninstall

- press Enter
- This uninstalls ComboFix and deletes the files and folders associated with it.


***********


:arrow: Download T-Cleaner
http://tharifas.sweb.cz/T-Cleaner.exe

- Run it; to confirm each choice, press the A key, then Enter
- After use, delete the program. Note: antivirus software may falsely flag it as a virus



***********


:arrow: Download CCleaner from my signature
- install it; when choosing what to install, untick the Yahoo toolbar installation

Cleaner tab
- leave everything in the left column ticked as it is, click Analyze
- after the analysis, click Run CCleaner

Registry tab
- click Find problems
- then click Fix selected problems; you don't have to make a registry backup
- click Fix all problems :arrow: OK :arrow: Close

Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.

I recommend using the CCleaner cleaner; it nicely clears temporary files from the PC.
It cleans up the registry, for example after uninstalling a program.


***********



:arrow: Download OTC and run it
http://oldtimer.geekstogo.com/OTC.exe
- it cleans temp files and the leftovers of the tools used



***********

:arrow: Post a new RSIT log and tell me how the computer is behaving; is everything fine now?

Re: requesting a preventive check, thank you

Posted: 11 Mar 2011 08:52
by Laydee
Cleaned up etc. But seznam, youtube etc. have started acting up for me. It doesn't load them all the way and the page layout isn't OK either :D Before I cleaned, it all worked. In Opera everything works OK. So hopefully it will sort itself out in time.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Laydenka at 2011-03-11 08:48:20
Microsoft Windows 7 Ultimate
System drive C: has 5 GB (9%) free of 50 GB
Total RAM: 3839 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:48:22, on 11.3.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\Program Files\360Amigo\360Amigo.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\QIP 2010\qip.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\ICQ7.2\ICQ.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Laydenka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ÿþ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKCU\..\Run: [360Amigo] "C:\Program files\360Amigo\360Amigo.exe" -autorun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2010\qip.exe" /autorun
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7469 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\Explorer.EXE
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000006e8
\??\C:\Windows\system32\conhost.exe
WLIDSvcM.exe 2116
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\360Amigo\360Amigo.exe" -autorun
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
"C:\Program Files (x86)\QIP 2010\qip.exe" /autorun
"C:\Program Files\Rainmeter\Rainmeter.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ICQ7.2\ICQ.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4344.5988c20.1031680157 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 4344 plugin \\.\pipe\gecko-crash-server-pipe.4344
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Laydenka\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-16 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-01-03 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-06 11057768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"360Amigo"=C:\Program files\360Amigo\360Amigo.exe [2011-01-27 4003912]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"Infium"=C:\Program Files (x86)\QIP 2010\qip.exe [2011-02-01 5856640]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2010-12-13 281768]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-11-25 98304]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2010-05-04 311296]

C:\Users\Laydenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 290304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-03-11 08:48:20 ----D---- C:\rsit
2011-03-10 09:13:18 ----SHD---- C:\$RECYCLE.BIN
2011-03-09 21:57:16 ----D---- C:\Windows\temp
2011-03-09 18:59:00 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2011-03-09 18:58:56 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-03-09 14:15:06 ----D---- C:\Config.Msi
2011-03-09 11:27:17 ----A---- C:\Windows\system32\FntCache.dll
2011-03-09 11:27:16 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-03-09 11:27:16 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2011-03-09 11:27:16 ----A---- C:\Windows\system32\DWrite.dll
2011-03-09 11:27:16 ----A---- C:\Windows\system32\d2d1.dll
2011-03-09 11:27:15 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2011-03-09 11:27:15 ----A---- C:\Windows\system32\EncDec.dll
2011-03-09 11:27:15 ----A---- C:\Windows\system32\CPFilters.dll
2011-03-09 11:27:14 ----A---- C:\Windows\SYSWOW64\sbe.dll
2011-03-09 11:27:14 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2011-03-09 11:27:14 ----A---- C:\Windows\system32\sbe.dll
2011-03-09 11:27:13 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2011-03-09 11:27:13 ----A---- C:\Windows\system32\mstscax.dll
2011-03-09 11:27:12 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2011-03-09 11:27:12 ----A---- C:\Windows\system32\mstsc.exe
2011-03-07 19:10:36 ----D---- C:\Program Files (x86)\Browser Plugin
2011-03-04 19:36:20 ----SHD---- C:\Windows\ftpcache
2011-03-04 19:36:19 ----A---- C:\Windows\Natura Sound Therapy Uninstaller.exe
2011-03-04 19:36:18 ----D---- C:\Program Files (x86)\Natura Sound Therapy
2011-03-01 17:07:20 ----D---- C:\Users\Laydenka\AppData\Roaming\Sakura
2011-03-01 17:06:10 ----A---- C:\Windows\SYSWOW64\msvcr71.dll
2011-03-01 17:06:10 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2011-03-01 17:06:10 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2011-02-23 22:11:25 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2011-02-23 22:11:25 ----A---- C:\Windows\system32\wcncsvc.dll
2011-02-23 11:54:45 ----D---- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11
2011-02-23 09:55:53 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-02-23 09:55:53 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-02-23 09:55:53 ----A---- C:\Windows\system32\XpsPrint.dll
2011-02-23 09:55:53 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-02-22 12:44:10 ----A---- C:\Windows\system32\uxtheme.dll.backup
2011-02-22 12:44:08 ----A---- C:\Windows\system32\themeui.dll.backup
2011-02-22 12:44:03 ----A---- C:\Windows\system32\themeservice.dll.backup
2011-02-20 21:26:22 ----HDC---- C:\ProgramData\{9D92E4DF-0CEE-44D4-A4FE-2B4A438E1607}
2011-02-20 21:20:53 ----D---- C:\Program Files\Common Files\Native Instruments
2011-02-20 21:20:52 ----D---- C:\Program Files\Native Instruments
2011-02-20 20:18:29 ----A---- C:\Windows\SYSWOW64\SYNSOEMU.DLL
2011-02-16 17:18:09 ----D---- C:\Windows\cs
2011-02-16 17:16:29 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-02-16 17:15:29 ----D---- C:\Program Files (x86)\Windows Live
2011-02-16 17:14:22 ----A---- C:\Windows\SYSWOW64\UIRibbonRes.dll
2011-02-16 17:14:22 ----A---- C:\Windows\SYSWOW64\UIRibbon.dll
2011-02-16 17:14:22 ----A---- C:\Windows\system32\UIRibbonRes.dll
2011-02-16 17:14:22 ----A---- C:\Windows\system32\UIRibbon.dll
2011-02-14 14:53:25 ----D---- C:\Users\Laydenka\AppData\Roaming\Ashampoo

======List of files/folders modified in the last 1 months======

2011-03-11 08:48:22 ----D---- C:\Windows\Prefetch
2011-03-11 08:48:21 ----D---- C:\Program Files\trend micro
2011-03-11 08:47:09 ----D---- C:\Windows\system32\config
2011-03-11 08:39:46 ----D---- C:\Windows\System32
2011-03-11 08:39:46 ----D---- C:\Windows\inf
2011-03-11 08:39:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-03-11 08:34:31 ----D---- C:\Users\Laydenka\AppData\Roaming\ICQ
2011-03-11 08:33:57 ----D---- C:\Program Files (x86)\QIP 2010
2011-03-11 08:32:51 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-03-11 08:31:58 ----D---- C:\Windows
2011-03-11 08:31:23 ----SHD---- C:\System Volume Information
2011-03-11 08:31:04 ----D---- C:\Windows\system32\drivers
2011-03-11 08:19:21 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2011-03-10 21:03:49 ----D---- C:\Users\Laydenka\AppData\Roaming\AIMP3
2011-03-10 18:33:37 ----D---- C:\Users\Laydenka\AppData\Roaming\uTorrent
2011-03-10 11:07:03 ----SD---- C:\Users\Laydenka\AppData\Roaming\Microsoft
2011-03-09 21:56:02 ----A---- C:\Windows\system.ini
2011-03-09 21:54:38 ----D---- C:\Windows\SYSWOW64\drivers
2011-03-09 21:54:38 ----D---- C:\Windows\SysWOW64
2011-03-09 21:54:38 ----D---- C:\Windows\AppPatch
2011-03-09 21:54:36 ----D---- C:\Program Files\Common Files
2011-03-09 21:54:36 ----D---- C:\Program Files (x86)\Common Files
2011-03-09 18:58:56 ----D---- C:\Program Files (x86)
2011-03-09 14:37:05 ----D---- C:\Windows\winsxs
2011-03-09 14:15:44 ----D---- C:\Windows\debug
2011-03-09 14:15:44 ----A---- C:\Windows\system32\MRT.exe
2011-03-09 14:15:41 ----SHD---- C:\Windows\Installer
2011-03-09 14:15:40 ----D---- C:\ProgramData\Microsoft Help
2011-03-09 14:14:40 ----D---- C:\Windows\system32\catroot2
2011-03-09 11:27:09 ----D---- C:\Windows\system32\catroot
2011-03-09 09:11:45 ----D---- C:\Program Files (x86)\AIMP3
2011-03-09 08:24:46 ----D---- C:\Program Files (x86)\PokerStars.NET
2011-03-09 08:23:42 ----D---- C:\Program Files (x86)\BOINC
2011-03-09 08:23:17 ----D---- C:\Windows\system32\Tasks
2011-03-09 08:21:16 ----D---- C:\ProgramData\BOINC
2011-03-03 10:57:40 ----D---- C:\Users\Laydenka\AppData\Roaming\BSplayer
2011-03-01 17:06:40 ----D---- C:\Program Files (x86)\VstPlugins
2011-03-01 17:05:34 ----D---- C:\Program Files (x86)\Image-Line
2011-02-22 12:44:10 ----A---- C:\Windows\system32\uxtheme.dll
2011-02-22 12:44:08 ----A---- C:\Windows\system32\themeui.dll
2011-02-22 12:44:03 ----A---- C:\Windows\system32\themeservice.dll
2011-02-20 21:26:22 ----D---- C:\ProgramData
2011-02-20 21:20:52 ----RD---- C:\Program Files
2011-02-19 11:25:44 ----D---- C:\Program Files\Rainmeter
2011-02-18 11:16:26 ----D---- C:\Users\Laydenka\AppData\Roaming\Rainmeter
2011-02-17 15:00:35 ----RSD---- C:\Windows\assembly
2011-02-16 17:35:13 ----RSD---- C:\Windows\Fonts
2011-02-16 17:34:42 ----D---- C:\Program Files (x86)\Microsoft Works
2011-02-16 17:33:42 ----A---- C:\Windows\win.ini
2011-02-16 17:15:42 ----SD---- C:\ProgramData\Microsoft
2011-02-16 17:15:25 ----D---- C:\Program Files\Common Files\Microsoft Shared

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-01-03 834544]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-08-04 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2009-07-06 13368]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-12-13 116568]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-08 254528]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-12-13 83120]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-11-26 8120320]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-11-26 289792]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-06 2419176]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-22 347680]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-01-28 116736]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2008-05-02 23552]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2008-05-02 18432]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2008-05-02 8704]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2008-05-02 8704]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-11-26 203776]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-12-13 267944]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-12-13 135336]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-01-21 75064]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-01-11 407336]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-03 1255736]

-----------------EOF-----------------

Re: requesting a preventive check, thank you

Posted: 11 Mar 2011 08:52
by Laydee
info.txt logfile of random's system information tool 1.08 2011-03-11 08:48:23

======Uninstall list======

-->C:\ProgramData\{9D92E4DF-0CEE-44D4-A4FE-2B4A438E1607}\Absynth 5 Setup PC.exe
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
360 Amigo System Speedup PRO-->C:\Program files\360Amigo\Uninstall.exe /REMOVE
7-Zip 9.20-->"C:\Program Files (x86)\7-Zip\Uninstall.exe"
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10n_Plugin.exe -maintain plugin
Adobe Reader X - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA0000000001}
AIMP3-->C:\Program Files (x86)\AIMP3\Uninstall.exe
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
AMD Drag and Drop Transcoding-->MsiExec.exe /X{B95653AB-0E7F-204A-3226-17E9F38E6951}
Any Video Converter Professional 3.0.1-->"C:\Program Files (x86)\AnvSoft\Any Video Converter Professional\unins000.exe"
Apache: Air Assault-->"f:\games\Apache Air Assault\unins000.exe"
Ashampoo Burning Studio 10.0.1-->"C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 10\unins000.exe"
ASIO4ALL-->C:\Program Files (x86)\ASIO4ALL v2\uninstall.exe
ASUSUpdate-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\setup.exe" -l0x9
ATI Catalyst Install Manager-->msiexec /q/x{54A0FF28-05C4-81E3-3CC1-13D0C2519EFF} REBOOT=ReallySuppress
ATI Catalyst Registration-->MsiExec.exe /X{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}
aTube Catcher 1.0-->"C:\Program Files (x86)\DsNET Corp\aTube Catcher 1.0\unins000.exe"
aTube Catcher-->C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\uninstall.exe
AV Voice Changer Software DIAMOND 6.0-->C:\PROGRA~2\AVVCS6~1.0DI\UNWISE.EXE C:\PROGRA~2\AVVCS6~1.0DI\INSTALL.LOG
AV Voice Changer Software GOLD 7.0-->C:\PROGRA~2\AVVCS7~1.0GO\UNWISE.EXE C:\PROGRA~2\AVVCS7~1.0GO\INSTALL.LOG
Avira AntiVir Personal - Free Antivirus-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE
BS.Player FREE-->"C:\Program Files (x86)\Webteh\BSplayer\uninstall.exe"
BSPlayer-->"C:\Program Files (x86)\Webteh\BSplayer\uninstall.exe"
Call of Duty: Black Ops-->"F:\Games\Call of Duty - Black Ops\unins000.exe"
Catalyst Control Center - Branding-->MsiExec.exe /I{6AB57823-3580-4CE0-9CF0-072E2A39460C}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Command & Conquer The First Decade-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}\setup.exe" -l0x9 -removeonly
Command & Conquer™ Red Alert™ 3 Uprising-->MsiExec.exe /X{DDE59617-F59A-473B-BC4E-C2B81F6CD38D}
Command & Conquer™ Red Alert™ 3-->MsiExec.exe /X{296D8550-CB06-48E4-9A8B-E5034FB64715}
Counter-Strike-->"F:\Games\CS\steam.exe" steam://uninstall/10
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
Drumaxx-->C:\Program Files (x86)\Image-Line\Drumaxx\uninstall.exe
EA Download Manager UI-->msiexec /qb /x {E17141A6-211D-5854-61D9-69827A430D82}
EA Download Manager UI-->MsiExec.exe /I{E17141A6-211D-5854-61D9-69827A430D82}
EA Download Manager-->C:\Program Files (x86)\Electronic Arts\EADownloadManager\EADMUninstall.exe
EuroTalk Talk Now Multi-Language-->C:\PROGRA~2\EuroTalk\TALKNO~1\UNWISE.EXE C:\PROGRA~2\EuroTalk\TALKNO~1\INSTALL.LOG
EVEREST Ultimate Edition v5.01-->"C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\unins000.exe"
FIFA 11-->MsiExec.exe /X{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}
FL Studio 9.8-->C:\Program Files (x86)\Image-Line\FL Studio 9\uninstall.exe
FL Studio 9-->C:\Program Files (x86)\Image-Line\FL Studio 9\uninstall.exe
FM Screen Capture Codec (Remove Only)-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\Windows\INF\fmcodec.inf
Hardcore-->C:\Program Files (x86)\Image-Line\Hardcore\uninstall.exe
ICQ7.2-->"C:\Program Files (x86)\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
IL Download Manager-->C:\Program Files (x86)\Image-Line\Downloader\uninstall.exe
Java(TM) 6 Update 23-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216023FF}
K-Lite Codec Pack (64-bit) v4.2.0-->"C:\Program Files\KLCP64\unins000.exe"
K-Lite Codec Pack 5.9.0 (Full)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
Live 8.1.1-->C:\PROGRA~2\Ableton\LIVE81~1.1\Install\UNWISE.EXE C:\PROGRA~2\Ableton\LIVE81~1.1\Install\INSTALL.LOG
Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0405-1000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Mozilla Firefox (3.6.15)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Firefox 4.0b11 (x86 cs)-->C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\uninstall\helper.exe
Mozilla Thunderbird (3.1.7)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
Native Instruments Absynth 5-->"C:\ProgramData\{9D92E4DF-0CEE-44D4-A4FE-2B4A438E1607}\Absynth 5 Setup PC.exe" REMOVE=TRUE MODIFY=FALSE
Natura Sound Therapy-->C:\Windows\Natura Sound Therapy Uninstaller.exe
Need for Speed(TM) Hot Pursuit-->MsiExec.exe /X{83A606F5-BF6F-42ED-9F33-B9F74297CDED}
Nokia Connectivity Cable Driver-->RUNDLL32.EXE nsesetupx64.dll,DoNTUninst
Opera 11.01-->"C:\Program Files (x86)\Opera\Opera.exe" /uninstall
PoiZone-->C:\Program Files (x86)\Image-Line\PoiZone\uninstall.exe
PunkBuster Services-->C:\Windows\system32\pbsvc_bc2.exe -u
QuickTime Alternative 3.2.2-->"C:\Program Files (x86)\QuickTime Alternative\unins000.exe"
Rainmeter-->"C:\Program Files\Rainmeter\uninst.exe"
Realtek Ethernet Controller Driver For Windows 7-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly
Reason 5.0-->"C:\Program Files (x86)\Propellerhead\Reason\Uninstall Reason\unins000.exe"
reFX Nexus VSTi RTAS v2.2.0-->"C:\Program Files (x86)\VstPlugins\Uninstall Nexus\unins000.exe"
RocketDock 1.3.5-->"C:\Program Files (x86)\RocketDock\unins000.exe"
Sakura-->C:\Program Files (x86)\Image-Line\Sakura\uninstall.exe
Sawer-->C:\Program Files (x86)\Image-Line\Sawer\uninstall.exe
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
Security Update for 2007 Microsoft Office System (KB2289158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {210B16C0-CEBD-4DE9-B474-04A7E8735E16}
Security Update for 2007 Microsoft Office System (KB2344875)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}
Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB2345035)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B23002DD-34EC-4988-B810-A5E2A0BF04F1}
Security Update for Microsoft Office Groove 2007 (KB2494047)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B91E2AEC-7F93-4E33-ACF6-EC90640CBE4F}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3DED0A62-44C8-4E00-A785-5212F297A9D9}
Security Update for Microsoft Office Publisher 2007 (KB2284697)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3A4CDE54-2403-483D-8D9A-15E3264410DF}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
The KMPlayer (remove only)-->"C:\Program Files (x86)\The KMPlayer\uninstall.exe"
Total Commander (Remove or Repair)-->C:\Program Files (x86)\totalcmd\tcuninst.exe
Toxic Biohazard-->C:\Program Files (x86)\Image-Line\Toxic Biohazard\uninstall.exe
Ubuntu-->F:\ubuntu\uninstall-wubi.exe
Update for 2007 Microsoft Office System (KB2284654)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Microsoft Office Outlook 2007 (KB2412171)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {752A0B7C-BD24-4362-AC86-AB63FEE6F46F}
Update for Outlook 2007 Junk Email Filter (KB2508979)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D2137BBA-250B-4548-BC1C-19E5009893D7}
Winamp-->"C:\Program Files (x86)\Winamp\UninstWA.exe"
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1B8ABA62-74F0-47ED-B18C-A43128E591B8}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Language Selector-->MsiExec.exe /I{D07A61E5-A59C-433C-BCBD-22025FA2287B}
Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WMV9/VC-1 Video Playback-->MsiExec.exe /X{B3012F41-D8C7-5ABD-05D1-3EF39D9ACC22}

======Hosts File======

::1 localhost

======System event log======

Computer Name: Laydenka-PC
Event Code: 62464
Message: UVD Information
Record Number: 65132
Source Name: amdkmdag
Time Written: 20110203130244.926314-000
Event Type: Informace
User:

Computer Name: Laydenka-PC
Event Code: 62464
Message: UVD Information
Record Number: 65131
Source Name: amdkmdag
Time Written: 20110203130244.926314-000
Event Type: Informace
User:

Computer Name: Laydenka-PC
Event Code: 62464
Message: UVD Information
Record Number: 65130
Source Name: amdkmdag
Time Written: 20110203130244.926314-000
Event Type: Informace
User:

Computer Name: Laydenka-PC
Event Code: 62464
Message: UVD Information
Record Number: 65129
Source Name: amdkmdag
Time Written: 20110203130244.926314-000
Event Type: Informace
User:

Computer Name: Laydenka-PC
Event Code: 62464
Message: UVD Information
Record Number: 65128
Source Name: amdkmdag
Time Written: 20110203130244.916314-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: 37L4247E29-32
Event Code: 1001
Message: Chybný blok , typ 0
Název události: PnPDriverNotFound
Reakce: Not available
ID souboru CAB: 0

Podpis problému:
P1: x64
P2: PCI\VEN_1033&DEV_0194&SUBSYS_84131043&REV_03
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:

Pripojené soubory:
C:\Windows\Temp\DMI736A.tmp.log.xml

Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_8ed79d30855f2f5c26da85f156b174a2e4a71b1_cab_06c973d7

Symbol analýzy:
Opetovné hledání rešení: 0
ID hlášení: 6e2dcf02-178e-11e0-95ba-fe44c2e78ee6
Stav hlášení: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20110103230853.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20110103230804.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20110103230803.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 1531
Message: Služba Profil uživatele byla úspešne spuštena.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20110103230800.652871-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: 37L4247E29-32
Event Code: 4625
Message: Subsystém EventSystem zabranuje vytvárení duplicitních záznamu v protokolu událostí po dobu 86400 sekund. Tuto dobu lze zmenit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíci registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20110103230800.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: 37L4247E29-32
Event Code: 4735
Message: Byla zmenena zabezpecená místní skupina.

Predmet:
ID zabezpecení: S-1-5-18
Název úctu: 37L4247E29-32$
Doména úctu: WORKGROUP
ID prihlášení: 0x3e7

Skupina:
ID zabezpecení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Zmenené atributy:
Název úctu SAM: -
Historie identifikátoru zabezpecení: -

Další informace:
Oprávnení: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110103230750.185253-000
Event Type: Úspešný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4731
Message: Byla vytvorena zabezpecená místní skupina.

Predmet:
ID zabezpecení: S-1-5-18
Název úctu: 37L4247E29-32$
Doména úctu: WORKGROUP
ID prihlášení: 0x3e7

Nová skupina:
ID zabezpecení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Atributy:
Název úctu SAM: Backup Operators
Historie identifikátoru zabezpecení: -

Další informace:
Oprávnení: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110103230750.185253-000
Event Type: Úspešný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvorena.

Pocet prvku: 0
ID zásady: 0x32c03
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110103230749.998053-000
Event Type: Úspešný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: Úcet byl úspešne prihlášen.

Predmet:
ID zabezpecení: S-1-0-0
Název úctu: -
Doména úctu: -
ID prihlášení: 0x0

Typ prihlášení: 0

Nové prihlášení:
ID zabezpecení: S-1-5-18
Název úctu: SYSTEM
Doména úctu: NT AUTHORITY
ID prihlášení: 0x3e7
GUID prihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové síte -
Zdrojový port: -

Podrobné informace o overení:
Proces prihlášení: -
Balícek overení: -
Prenosové služby: -
Název balícku (pouze NTLM): -
Délka klíce: 0

Tato událost je generována po vytvorení relace prihlášení. Je generována v pocítaci, ke kterému byl získán prístup.

Pole s predmetem oznacují úcet v místním systému, který požadoval prihlášení. Jedná se nejcasteji o službu, napríklad službu serveru nebo místní proces, napríklad Winlogon.exe nebo Services.exe.

Pole Typ prihlášení oznacuje, k jakému typu prihlášení došlo. Nejbežnejší typy jsou 2 (interaktivní) a 3 (sít).

Pole Nové prihlášení oznacují úcet, pro který bylo nové prihlášení vytvoreno, tj. úcet, který byl prihlášen.

Pole Sít oznacují puvod požadavku na vzdálené prihlášení. Název pracovní stanice není vždy k dispozici a v nekterých prípadech muže být toto pole prázdné.

Pole s informacemi o overení poskytují podrobné informace o tomto konkrétním požadavku na prihlášení.
- GUID prihlášení je jednoznacný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Prenosové služby oznacují, které pomocné služby se podílely na tomto požadavku na prihlášení.
- Název balícku oznacuje, který dílcí protokol z protokolu NTLM byl použit.
- Délka klíce oznacuje délku generovaného klíce relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíc relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110103230748.765651-000
Event Type: Úspešný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána pri spuštení procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110103230748.734450-000
Event Type: Úspešný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\QuickTime Alternative\QTSystem;C:\Program Files (x86)\Windows Live\Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 5 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=0503

-----------------EOF-----------------

Re: preventive check please, thank you

Posted: 11 Mar 2011 13:33
by motji
Try reinstalling the browser.